🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional96 / 124
Question 96 of 124
A cloud-native company builds container images in its CI/CD pipeline and deploys them to a managed Kubernetes service. After a widely publicized incident where a compromised third-party build tool injected malicious code into published artifacts, the security team wants to ensure that only images whose exact component inventory is known and verifiably unaltered can be deployed to production. Which practice most directly addresses this requirement?
Reviewed for accuracy · Report an issueNext question